Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2667
Views
5
Helpful
4
Replies

Troubleshooting IP MTU

Go to solution
johnlloyd_13
Level 9
Level 9

‎07-09-2013 09:51 PM - edited ‎03-04-2019 08:25 PM

hi all,

i'm troubleshooting a MPLS VPN client with their intermittent/packet drops on one of their "sensitive" application.

i suspect this could be MTU problem and configured ip mtu 1400 and ip tcp-adjust mss 1400 on the CE router LAN interface.

my question is, do i also need to apply these commands on WAN interface?

and do i need to apply the command below?

Router(config-if)#ip virtual-reassembly ?

  drop-fragments    Drop all the incoming fragments

  max-fragments     Specify max number of fragments per reassembly (datagram)

  max-reassemblies  Specify max number of concurrent reassemblies

  timeout           Specify timeout value of the datagram being reassembled

  <cr>

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml 

https://supportforums.cisco.com/thread/2161900

http://blog.ine.com/2008/11/05/dealing-with-fragmented-traffic/#more-327

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to johnlloyd_13

‎07-10-2013 08:10 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Btw, I've used 1400 bytes MTU in my config according to the excerpt from the first link:

Note: The MTU value of 1400 is recommended because it covers the most common GRE + IPsec mode combinations. Also, there is no discernable downside to allowing for an extra 20 or 40 bytes overhead. It is easier to remember and set one value and this value covers almost all scenarios.

Based from your experience, will cause any trouble?

Using a MTU smaller then really necessary doesn't cause any real trouble.  It does slow your bulk transfers a bit, as it decreases the overhead to payload ratio.  (NB: I often use 1400 IP MTU too.)

Not setting adjust-mss to (at least) 40 bytes less than your MTU, though, negates the advantage of this command. I.e., you should be setting this to 1360 if MTU is 1400, not 1400 too.  Without this command working as intended, you can have unnecessary packet fragmentation or hosts dealing with PMTUD adjustments.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎07-10-2013 07:11 AM

Disclaimer

The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.

Posting

IP MTU is most applicable to egress, i.e. you may want to set on WAN interface not your LAN interface.

IP tcp-adjust mss is bi-directional.  I.e. you could apply on any interface that your traffic crosses, but if WAN interface is connected to the WAN, it makes most sense to configure it there.

BTW, normally IP tcp-adjust mss is set 40 less than IP MTU, to allow for IP and TCP (minimal/usual) overhead.

Don't believe you have a need to use virtual-reassembly.

PS:

One issue I've seen with incorrectly configured MPLS, it can reduce standard Ethernet by 4 bytes, i.e. max 1496 rather than the common 1500.

MPLS cloud intermittent packet drops might be caused by not keeping to committed data rates, if any.

Go to solution
johnlloyd_13
Level 9
Level 9
In response to Joseph W. Doherty

‎07-10-2013 07:43 AM

Hi Joseph,

Thanks for your response! I re-read the first link I've posted earlier and it says to apply it on the outgoing interface.

I was monitoring the 3 MPLS sites the whole day and it seems the "ip mtu" and "ip tcp-adjust mss" combo did the trick (crossing my fingers).

Btw, I've used 1400 bytes MTU in my config according to the excerpt from the first link:

Note: The MTU value of 1400 is recommended because it covers the most common GRE + IPsec mode combinations. Also, there is no discernable downside to allowing for an extra 20 or 40 bytes overhead. It is easier to remember and set one value and this value covers almost all scenarios.

Based from your experience, will cause any trouble? Sorry if I haven't share any config as I was busy rectifying this problem and config is in my laptop.

Sent from Cisco Technical Support iPhone App

0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to johnlloyd_13

‎07-10-2013 08:10 AM

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Btw, I've used 1400 bytes MTU in my config according to the excerpt from the first link:

Note: The MTU value of 1400 is recommended because it covers the most common GRE + IPsec mode combinations. Also, there is no discernable downside to allowing for an extra 20 or 40 bytes overhead. It is easier to remember and set one value and this value covers almost all scenarios.

Based from your experience, will cause any trouble?

Using a MTU smaller then really necessary doesn't cause any real trouble.  It does slow your bulk transfers a bit, as it decreases the overhead to payload ratio.  (NB: I often use 1400 IP MTU too.)

Not setting adjust-mss to (at least) 40 bytes less than your MTU, though, negates the advantage of this command. I.e., you should be setting this to 1360 if MTU is 1400, not 1400 too.  Without this command working as intended, you can have unnecessary packet fragmentation or hosts dealing with PMTUD adjustments.

0 Helpful

Go to solution
johnlloyd_13
Level 9
Level 9
In response to Joseph W. Doherty

‎07-10-2013 09:04 PM

Hi Joseph,

Thanks for your advice! Will clean up my config and monitor again.

So far I slept soundly last night and hopefully this issue is resolved.

Sent from Cisco Technical Support iPhone App

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card